Forensics

Course code
2223-JUNIA-M1S2-MB-IT-101
Language of instruction
English, French
Teaching content
MB-IT
Training officer(s)
F.VANLAERE
Stakeholder(s)
D.DELANNOY, F. Van Laere
Level
Master
Program year
Period

Presentation

Prerequisite
To follow this module, the student must know the basic notions of local networks (Ethernet, IP, static routing, TCP/UDP, DHCP, DNS, the usual web application protocols), know how to use the Linux network commands (ifconfig, route, ...) and a packet analysis tool (Wireshark), and be familiar with the basics of file systems, computer memory management and programming in C.

Reference: "Algorithms and C language", "Network and system basics module", "Operating system module", M1 ISEN Lille
Goal
Skills expected: 34 (342/343), 43 (431/432/433), 56 (561/562), 63 (634), 110 (1102)

This module is an in-depth study of systems and networks in four areas: searching for and collecting computer data, analysing it (producing evidence), interpreting it (producing an investigation report), and finally archiving it. The objective is to produce a diagnosis of a machine by applying specific tools and techniques within defined processes.

This orientation is suited to engineering profiles in the security field.

At the end of the course, the student will:

- Know how to analyze a file system, a memory image and network traffic
- Be able to detect anomalies and abnormal activity, and to identify evidence
- Be able to reconstruct the complete scenario of actions that do not conform to normal use
- Be able to diagnose an incident
- Understand malicious exploitation of vulnerabilities in a computer system

The project approach requires acquiring transversal skills in data analysis, in the scenarios proposed, and in the written presentation of the work carried out and its conclusions.
Presentation
This module covers the following topics:

- Network traffic analysis and reconstruction of the exchange history
- Analysis of a file system for hidden information
- Analysis of machine memory and retrieval of the information it contains
- Concealment of information in files
- Forensics methodology and report writing
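The two file-oriented topics above (hidden information in files, and how it is concealed) are illustrated here by an added example that is not part of this course page: a check for data appended after a file's end-of-format marker, which is one of the simplest concealment techniques and one of the first things to look for. The PNG and JPEG samples and the hidden payload are constructed inline; the function and constant names are this example's own. The walkers follow the real container structure (PNG chunk list with CRC checks, JPEG marker segments with byte stuffing) rather than searching for the last IEND or FF D9, so a payload that itself contains those markers does not fool the check.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
JPEG_SOI = b"\xff\xd8"


def _png_chunk(ctype: bytes, data: bytes) -> bytes:
    """Encode one PNG chunk: length, type, data, CRC-32 over type+data."""
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))


def png_end_offset(blob: bytes) -> int:
    """Walk the chunk list and return the offset just past the IEND chunk.
    CRCs are verified so a corrupted or forged chunk list raises instead of
    silently mis-locating the end of the image."""
    if not blob.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        end = pos + 12 + length
        if end > len(blob):
            raise ValueError("truncated chunk %r" % ctype)
        data = blob[pos + 8:pos + 8 + length]
        crc, = struct.unpack(">I", blob[pos + 8 + length:end])
        if zlib.crc32(ctype + data) != crc:
            raise ValueError("bad CRC on chunk %r" % ctype)
        pos = end
        if ctype == b"IEND":
            return pos
    raise ValueError("no IEND chunk")


def jpeg_end_offset(blob: bytes) -> int:
    """Walk the marker segments and return the offset just past EOI (FF D9).
    Entropy-coded data after SOS is skipped byte-wise, honouring FF 00 byte
    stuffing and RSTn markers, so an FF D9 inside the image data is not EOI."""
    if not blob.startswith(JPEG_SOI):
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 2 <= len(blob):
        if blob[pos] != 0xFF:
            raise ValueError("expected marker at offset %d" % pos)
        marker = blob[pos + 1]
        if marker == 0xD9:                                      # EOI
            return pos + 2
        if marker == 0xFF:                                      # fill byte before a marker
            pos += 1
            continue
        if marker in (0x01, 0xD8) or 0xD0 <= marker <= 0xD7:   # standalone markers (TEM, SOI, RSTn)
            pos += 2
            continue
        seglen, = struct.unpack(">H", blob[pos + 2:pos + 4])    # length includes its own 2 bytes
        pos += 2 + seglen
        if marker == 0xDA:                                      # SOS: scan to the next real marker
            while pos + 1 < len(blob):
                nxt = blob[pos + 1]
                if blob[pos] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break
                pos += 1
    raise ValueError("no EOI marker")


def trailing_data(blob: bytes) -> bytes:
    """Return whatever follows the container's end-of-image marker (b"" if clean)."""
    if blob.startswith(PNG_SIG):
        end = png_end_offset(blob)
    elif blob.startswith(JPEG_SOI):
        end = jpeg_end_offset(blob)
    else:
        raise ValueError("unsupported container")
    return blob[end:]


# --- constructed samples for this example, not real evidence ---
# 1x1 RGB PNG: IHDR, one IDAT holding a zlib-compressed scanline, IEND.
_ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)
CLEAN_PNG = (PNG_SIG + _png_chunk(b"IHDR", _ihdr)
             + _png_chunk(b"IDAT", zlib.compress(b"\x00\x00\x00\x00"))
             + _png_chunk(b"IEND", b""))

# Minimal JPEG skeleton: SOI, APP0/JFIF, SOS header, a few entropy-coded bytes
# (including a stuffed FF 00), EOI. Not decodable, but structurally valid for the walk.
CLEAN_JPEG = (JPEG_SOI
              + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
              + b"\xff\xda" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00"
              + b"\x12\x34\xff\x00\x56"
              + b"\xff\xd9")

# Hidden payload deliberately contains both end markers to defeat naive "last marker" searches.
HIDDEN = b"hidden: \xff\xd9 IEND \x00 second stage"
STEGO_PNG = CLEAN_PNG + HIDDEN
STEGO_JPEG = CLEAN_JPEG + HIDDEN

if __name__ == "__main__":
    for name, blob in [("clean png", CLEAN_PNG), ("stego png", STEGO_PNG),
                       ("clean jpeg", CLEAN_JPEG), ("stego jpeg", STEGO_JPEG)]:
        extra = trailing_data(blob)
        print(f"{name}: {len(extra)} trailing byte(s)" + (f" -> {extra!r}" if extra else ""))
```

Trailing data is only one hiding place; a complete file-level examination would also look at non-standard or oversized chunks and segments (PNG ancillary chunks, JPEG APPn/COM segments) and at slack space on the file system, which the module's file system and concealment topics cover.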

Arrangements

Organization

Type                     Amount of time (hours)   Comment
Face to face
  Lectures - face to face    4.00
  Lab                       24.00
Independent study
  Independent study         30.00
Overall student workload    58.00
Evaluation

Control type             Duration (hours)   Number   Weighting (%)
Continuous assessment
  Lab grade                  1.00             6          50.00
Final exam
  Written test               2.00             1          50.00
TOTAL                                                   100.00

Resources